CVE-2023-23415

Name of the Vulnerable Software and Affected Versions Windows Server 2008 versions prior to Mar 14, 2023 Windows Server 2012 versions prior to Mar 14, 2023 Windows Server 2016 versions prior to Mar 14, 2023 Windows 10 versions prior to Mar 14, 2023 Windows 11 versions prior to Mar 14, 2023 Windows Server 2022 versions prior to Mar 14, 2023 Windows Server 2019 versions prior to Mar 14, 2023

Description The vulnerability is related to the implementation of the Internet Control Message Protocol (ICMP) in the Windows operating system kernel, which is associated with insufficient input validation. This issue can be exploited by a remote attacker to execute arbitrary code. The exploitation involves a low-level protocol error containing a fragmented IP packet in the header sent to the target machine.

Recommendations For Windows Server 2008, update to a version released after Mar 14, 2023. For Windows Server 2012, update to a version released after Mar 14, 2023. For Windows Server 2016, update to a version released after Mar 14, 2023. For Windows 10, update to a version released after Mar 14, 2023. For Windows 11, update to a version released after Mar 14, 2023. For Windows Server 2022, update to a version released after Mar 14, 2023. For Windows Server 2019, update to a version released after Mar 14, 2023.